Wednesday, September 25, 2013

CSAW CTF Quals: Misc 50 50 100 200

Misc #1  50pts

The file provided was a pcap file, wireshark it is.

Telnet looks interesting so right click and follow the tcp stream.

…..And key.

Misc #2 50 points
I didn’t know what a .process file was, but I figured that notepad++ would at least provide an initial starting point.

Instead I found the key. 

Misc #3 100 points

The file provided was a blank white png. Decided to look at the png in paint.  There seemed to be some different colors so I filled in the background with paint:

And Key.

Misc #4 200 points

Again the file provided is a png file; however, this png is corrupted and will not open with most image viewers. (except Microsoft’s default image viewer) Opening up the file with tweakpng, we noticed that the crc sum was not correct.

Tweakpng allows the information in the file to be modified.

We played around with these values until we came up with this image:

The values we came up with were:

Zooming in on the photo we saw:

The Key! For your convenience I outlined the letters below.



1 comment:

  1. RE the last one with the invalid IHDR chunk, values for the header which generates the correct checksum:

    W: 2475
    H: 1253
    BD: 1
    Color: 0
    Interlace: 1
    CRC: 0xFCC410A8

    Other values 0 as per PNG spec.